Securely configuring the potentially thousands of cloud identities, workloads, and other resources needed to support the high pace of modern software development is difficult—but also critical to prevent attackers from breaching these systems, where security gaps too often go unnoticed. For this report, we analyzed security posture data from a sample of thousands of organizations that use AWS, Azu